cyberhoot newsletter july 2022

CyberHoot Newsletter – July 2022

Restaurant Cloud-based POS Systems Hacked Multiple POS systems used by restaurants all over the world (MenuDrive, HarborTouch, and InTouchPOS) have been hacked enabling hackers to collect credit card details on …

june 2022 newsletter

CyberHoot Newsletter – June 2022

Ransomware Insurance: Prescriptive and Restrictive Insurers are drafting more restrictive and prescriptive insurance policy requirements designed to reduce the number of claims and better protect themselves and the companies they …

october 2021 newsletter

CyberHoot Newsletter – October 2021

Outlook “Autodiscover” Leaking Passwords Cybersecurity experts at Guardicore published a report on security concerns in Microsoft’s “Autodiscover” feature. In 4 months time, they collected over 372,072 domain credentials and ~100k in …

Jeff Bezos and the WhatsApp Security Flaw

Knowing how to protect yourself and your critical accounts from compromise is becoming ever more important. Learn what can happened to and setup 2FA into all of your online critical accounts.

Network Based Intrusion Detection System (NIDS)

A Network Based Intrusion Detection System (NIDS), or Network Based IDS, is security hardware that is placed strategically to monitor critical network traffic. Traditional Network Based IDS analyzes passing network …

Critical Microsoft Vulnerabilities

Infrequently, Microsoft released critical vulnerability alerts and patches that are so important to know about, that you should stop what you’re doing and review them and plan to patch as soon as possible. This is one of those times.

Root Cause Analysis

A root cause seeks to examine all the potential causes for a major incident at a business and select the root cause from them. Then it seeks to propose mitigating controls to prevent the root cause from recurring.

CyberHoot Newsletter – Volume 1

The Department of Homeland security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a National Terrorism Advisory Bulletin on Jan. 4th, 2020. This agency only issues such warnings when there is a credible, specific and impending terrorism threat against the United States. In this case, their warning focused primarily upon cybersecurity attacks against US government and business entities in retribution for the killing of Iranian IRGC-Quds Force commander Qassem Soleimani. Iran has a history of cyber-attacks against US Businesses and government entities. Companies should be on high alert and remind employees to be especially vigilant in email phishing attacks amongst other cybersecurity best practices.

nation state hacker group

Nation State Hackers

Nation State hackers are the best of the best.  Their attacks are evolving and are not often seen or discussed in the day-to-day world because attribution of an attack to …

DeepFakes

Deepfakes: Hackers Newest Trick

Technology is always improving and hackers are always finding novel ways to exploit those advances. Cyber security analysts believe new attacks are on the way next year with some powerful …

RYUK Ransomware infects 110 Healthcare Facilities

This past Thanksgiving weekend, 110 healthcare facilities were infected by a ransomware attack on their IT provider. Virtual Care Provider Inc. (VCPI), provides security, data hosting and access management services …

Google Chrome Zero Day in the Wild

CyberHoot has learned there is a new Zero-Day vulnerability in Chrome actively being exploited in the Wild. Your computer can be compromised just by visiting a malicious website. That is …